How severe is CVE-2022-20734?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2022-20734?

This is classified as CWE-497, which is a common weakness in software security.

CVE-2022-20734 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

Related Vulnerabilities

CVE-2024-36509

MEDIUM

CVSS:4.4(Medium)

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and b...

CWE-4972024

CVE-2024-53683

MEDIUM

CVSS:4.4(Medium)

A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by c...

CWE-4972024

CVE-2023-34209

MEDIUM

CVSS:4.3(Medium)

Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the ab...

CWE-4972023

CVE-2024-31419

MEDIUM

CVSS:4.3(Medium)

An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue ...

CWE-4972024

CVE-2024-37070

MEDIUM

CVSS:4.3(Medium)

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

CWE-4972024

CVE-2024-40706

MEDIUM

CVSS:4.3(Medium)

IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.

CWE-4972024